Disable Content-Security-Policy Disable Content-Security-Policy

Developer Tools
Version: 3.0.0
Last Update: 2020-05-06

Overview

Disable Content-Security-Policy is a Chrome extension developed by Phil Grayson. According to the data from Chrome web store, current version of Disable Content-Security-Policy is 3.0.0, updated on 2020-05-06.
50,000+ users have installed this extension. 70 users have rated this extension with an average rating of .

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Use at your own risk. This disables the Content-Security-Policy header for a tab. Use this when testing what resources a new third-party tag includes onto the page.

Click the extension icon to disable Content-Security-Policy header for the tab. Click the extension icon again to re-enable Content-Security-Policy header.

Use this only as a last resort. Disabling Content-Security-Policy means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep Content-Security-Policy enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.

Rating

70 ratings
5
4
3
2
1

Total Installs

50,000+

Information

Last Update

2020-05-06

Current Version

3.0.0

Size

23.53KiB

Author

Phil Grayson

Website

None

Category

Developer Tools

Disable Content-Security-Policy Alternatives

Name Category Rating Rating Count Installs
extension logo Always Disable Content-Security-Policy Developer Tools
(12) 10,000+
extension logo Content Security Policy Override Developer Tools
(8) 2,000+
extension logo CORS Unblock Developer Tools
(109) 100,000+
extension logo Ignore X-Frame headers Developer Tools
(132) 100,000+
extension logo Content Security Policy (CSP) Generator Developer Tools
(8) 10,000+
extension logo Cross Domain - CORS Developer Tools
(53) 40,000+
extension logo Allow CORS: Access-Control-Allow-Origin Productivity
(225) 600,000+
extension logo Redirect URL, Modify Headers & Mock APIs Developer Tools
(1033) 100,000+
extension logo Moesif Origin & CORS Changer Developer Tools
(184) 200,000+
extension logo Resource Override Developer Tools
(186) 60,000+
extension logo CSP Tester Developer Tools
(7) 1,000+
extension logo ModHeader - Modify HTTP headers Developer Tools
(677) 700,000+
extension logo Redux DevTools Developer Tools
(665) 1,000,000+
extension logo CSP Evaluator Developer Tools
(27) 10,000+
extension logo Tamper Chrome (extension) Developer Tools
(235) 50,000+
extension logo Apollo Client Devtools Developer Tools
(242) 200,000+
extension logo Simple WebSocket Client Developer Tools
(96) 100,000+
extension logo Chrome extension source viewer Developer Tools
(389) 100,000+
extension logo Whatfix Studio Productivity
(24) 100,000+
extension logo Postman Interceptor Developer Tools
(929) 700,000+
extension logo axe DevTools - Web Accessibility Testing Accessibility
(101) 200,000+
extension logo Request Interceptor Developer Tools
(44) 10,000+
extension logo Xdebug helper Developer Tools
(433) 300,000+
extension logo iFrame Allow Developer Tools
(28) 20,000+

Latest Reviews

See More

avatar Valdek Ingmar
2022-05-09

It has no effect on the CSP headers when enabled and active for given tab.

avatar Logan
2021-12-01

Doesn't work, or no longer works.

avatar Vladimir Panteleev
2021-08-23

I observed the following bug:

If a website sends a Content-Security-Policy for one request, and then stops sending it for follow-up requests, Chromium still acts as if the old Content-Security-Policy is in effect.

This happens if the extension is merely loaded in the browser (not activated by its button).

Made me tear my hair out for a bit :)

avatar Oskar Mothander
2021-07-06

Doesn't work with latest Chrome

avatar william dutton
2021-06-23

Sadly did not work with latest google chrome, on 302 redirects where csp has been set to ultra hard bad mode.